Date: Tue, 06 Oct 2015 13:02:41 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-bugs@FreeBSD.org Subject: [Bug 203585] update 235959 and 235961 breaks ipv6 layer 4 checksums in ipf Message-ID: <bug-203585-8@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=203585 Bug ID: 203585 Summary: update 235959 and 235961 breaks ipv6 layer 4 checksums in ipf Product: Base System Version: 10.2-STABLE Hardware: Any OS: Any Status: New Severity: Affects Some People Priority: --- Component: kern Assignee: freebsd-bugs@FreeBSD.org Reporter: andywhite@gmail.com r235959 changes ipv6 layer4 checksums for udp and r235961 changes ipv6 layer4 checksums for tcp these changes result in th_sum and uh_sum only containing pseudo checksum data, which breaks ipfilter checksum verification for stateful ipv6 . sys/contrib/ipfilter/netinet/fil.c compares for tcp csump = &((tcphdr_t *)fin->fin_dp)->th_sum; or for udp csump = &udp->uh_sum; against ipfilters own checksum functions fr_cksum , to validate checksums, this check now fails, resulting in ipfilter not being able to function statefully for ipv6 tcp/udp see bug 203275 -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-203585-8>